Lucene search
MitreCVE-2010-0392HistoryJan 26, 2010 - 6:30 p.m.
CVE-2010-0392
2010-01-2618:30:01
CWE-119
mitre
web.nvd.nist.gov
29
cve
2010
0392
buffer overflow
thegreenbow
vpn client
security vulnerability
nvd
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
8.3
Confidence
High
EPSS
0.293
Percentile
96.9%
Stack-based buffer overflow in vpnconf.exe in TheGreenBow IPSec VPN Client 4.51.001, 4.65.003, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via a long OpenScriptAfterUp parameter in a policy (.tgb) file, related to “phase 2.”
Affected configurations
Node
thegreenbowipsec_vpn_clientMatch4.51.001
ORthegreenbowipsec_vpn_clientMatch4.65.003
| Vendor | Product | Version | CPE |
|---|---|---|---|
| thegreenbow | ipsec_vpn_client | 4.51.001 | cpe:2.3:a:thegreenbow:ipsec_vpn_client:4.51.001:*:*:*:*:*:*:* |
| thegreenbow | ipsec_vpn_client | 4.65.003 | cpe:2.3:a:thegreenbow:ipsec_vpn_client:4.65.003:*:*:*:*:*:*:* |
Related
prion
prion
Stack overflow
2010-01-26 18:30:00
nessus
nessus
TheGreenBow VPN Client TGB File OpenScriptAfterUp Parameter Local Overflow
2010-06-02 00:00:00
openvas
openvas
TheGreenBow IPSec VPN Client Local Stack Overflow Vulnerability
2010-01-28 00:00:00
TheGreenBow IPSec VPN Client Local Stack Overflow Vulnerability
2010-01-28 00:00:00
cvelist
cvelist
CVE-2010-0392
2010-01-26 18:00:00
nvd
nvd
CVE-2010-0392
2010-01-26 18:30:01
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
8.3
Confidence
High
EPSS
0.293
Percentile
96.9%
Related for CVE-2010-0392